Class: Aker::Cas::Middleware::TicketRemover
- Inherits: Object
- Defined in: lib/aker/cas/middleware/ticket_remover.rb
Overview
Middleware which issues a redirect immediately after CAS authentication succeeds so that users never see a URL with the ticket in it. This prevents them from, e.g., bookmarking a URL with a ticket in it, keeping things cleaner and preventing requests to the CAS server for tickets which are definitely expired.
Instance Method Summary
- #call(env) ⇒ Object
- #initialize(app) ⇒ TicketRemover (constructor): A new instance of TicketRemover.
Constructor Details
#initialize(app) ⇒ TicketRemover
Returns a new instance of TicketRemover.
    # File 'lib/aker/cas/middleware/ticket_remover.rb', line 12
    def initialize(app)
      @app = app
    end
Instance Method Details
#call(env) ⇒ Object
    # File 'lib/aker/cas/middleware/ticket_remover.rb', line 16
    def call(env)
      # Authenticated request that still carries a ticket: redirect to the service URL.
      if authenticated?(env) && ticket_present?(env)
        request = Rack::Request.new(env)
        url = Aker::Cas::ServiceUrl.service_url(request)
        body = request.get? ? [%Q{<a href="#{url}">Click here to continue</a>}] : []
        [301, { 'Location' => url, 'Content-Type' => 'text/html' }, body]
      else
        # Anything else goes to the wrapped application unchanged.
        @app.call(env)
      end
    end
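The redirect described in the Overview, as an added stand-alone example that is not Aker's code. DemoTicketRemover, url_without_ticket, demo_env and the 'demo.authenticated' env key are hypothetical names; url_without_ticket stands in for Aker::Cas::ServiceUrl.service_url, whose behaviour is assumed here to be "the request URL minus the ticket parameter".

```ruby
require 'uri'

# Hypothetical helper: rebuild the request URL from a Rack env, dropping only
# the query parameter named exactly "ticket" and keeping every other parameter.
def url_without_ticket(env)
  pairs = URI.decode_www_form(env['QUERY_STRING'].to_s)
  kept  = pairs.reject { |name, _| name == 'ticket' }
  url = "#{env['rack.url_scheme']}://#{env['HTTP_HOST']}#{env['SCRIPT_NAME']}#{env['PATH_INFO']}"
  kept.empty? ? url : "#{url}?#{URI.encode_www_form(kept)}"
end

# Hypothetical middleware with the same shape as TicketRemover.
class DemoTicketRemover
  def initialize(app)
    @app = app
  end

  def call(env)
    # 'demo.authenticated' is a made-up env key set by an earlier auth layer.
    if env['demo.authenticated'] && ticket_present?(env)
      url = url_without_ticket(env)
      [301, { 'Location' => url, 'Content-Type' => 'text/html' }, []]
    else
      # No ticket, or not authenticated: hand the request to the wrapped app.
      @app.call(env)
    end
  end

  private

  def ticket_present?(env)
    URI.decode_www_form(env['QUERY_STRING'].to_s).any? { |name, _| name == 'ticket' }
  end
end

# Constructed sample request env (not captured traffic).
def demo_env(query, authenticated)
  { 'REQUEST_METHOD' => 'GET', 'rack.url_scheme' => 'https',
    'HTTP_HOST' => 'app.example.org', 'SCRIPT_NAME' => '', 'PATH_INFO' => '/reports',
    'QUERY_STRING' => query, 'demo.authenticated' => authenticated }
end

DEMO_APP = DemoTicketRemover.new(->(_env) { [200, { 'Content-Type' => 'text/plain' }, ['inner app']] })
```

Calling DEMO_APP.call(demo_env('page=2&ticket=ST-1-constructed', true)) returns a 301 whose Location keeps page=2 and has no ticket.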